On 6/24/2006 11:14 AM, Jim Hermann - UUN Hostmaster wrote:
How do I debug the SPF Module during SA Operations?
I have had another email marked as SPF_SOFTFAIL during the first receipt and
the From domain does not have a TXT SPF record. When I isolated the message
and ran it again, it was processed without any errors.
I suspect that there is a problem with the timeout routines in
Mail::SPF::Query and Mail::Spamassassin::Plugin::SPF. When I increased the
spf_timeout to 15, I did not have any false positives.
When spf_timeout is set to 5 (default), during the initial email receipt, I
think that Mail::SPF::Query exceeds the timeout and the timeout routine does
not work properly. The timeout error causes Mail::Spamassassin::Plugin::SPF
to classify the result as SPF_SOFTFAIL without a value for $comment. The
Spamassassin Report displays the SPF_SOFTFAIL result with [SPF failed: ]
because the $comment was blank.
5 seconds is a long time to do the DNS queries for just an SPF check.
Any time the timeout is exceeded we explicitly treat this as a SOFTFAIL.
Perhaps we'd be better off just having no result at all.
my $timer = Mail::SpamAssassin::Timeout->new({ secs => $timeout });
my $err = $timer->run_and_catch(sub {
($result, $comment) = $query->result();
});
if ($err) {
chomp $err;
warn("spf: lookup failed: $err\n");
return 0;
}
$result ||= 'softfail';
$comment ||= '';
Daryl
